Shopping at small businesses empowers local economies and encourages economic growth. As a consumer, you should typically feel confident about supporting these organizations. However, are you risking your sensitive data by doing so?
Many small businesses choose to store data in the cloud, given its accessibility, cost, and efficiency. A new survey on cloud storage providers by Clutch says that these businesses may not be keeping their cloud storage secure, though.
If small businesses using cloud storage aren’t properly securing sensitive data, they may fall prey to a security breach and anger previously loyal customers. While consumers are growing increasingly numb to large-scale security breaches (i.e. the Equifax breach), they will not react kindly to a compromised credit card, especially if the breach can be traced right back to shopping at your business.
To effectively secure cloud storage, small businesses should understand the following:
- Options for additional security measures
- Pertinent industry regulations
- Common-sense approaches to cloud storage security
Read more to understand the state of small business cloud storage security and how small businesses can securely store their data in the cloud.
Additional Security Measures are Critical
Cloud storage isn’t secure for all data automatically. You cannot set it up and immediately forget about security.
While cloud storage providers do offer some security out-of-the-box, the most effective security measures are often ones you need to actively implement or train employees on.
Over half of U.S. small businesses say they use encryption (60%), employee training (58%), or two-factor authentication (53%) to secure their cloud storage.
Two-factor authentication is perhaps one of the strongest and easiest additional security measures that a small business can implement. When two-factor authentication is enabled, a user must enter a password, plus a code sent via email or text message, to access the cloud storage provider.
This means that even if an employee is careless with their password, a hacker cannot gain access to the cloud storage provider through one login alone. They will also need to hack into a user’s email or phone to gain access to the cloud storage provider – a much more difficult task.
Be sure to explore options for additional cloud storage security measures – it may be simpler to implement than you thought.
Know Your Industry Regulations
Does your small business store customer credit card or banking information from some of the world’s major credit card brands, including Visa and Discover?
The answer to that question is likely yes.
Does your business fully comply with the Payment Card Industry Data Security Standard (PCI DSS)? You should, or risk fines upwards of millions of dollars.
Yet, 62% of small businesses that store customer credit card or banking information say that they do not follow industry regulations, according to Clutch’s survey.
PCI DSS is not a law, but major credit card brands can levy large fines if a business is found not complying with the standard. If your small business stores medical data, you should be sure to comply with the Health Insurance Portability and Accountability Act (HIPAA). This standard, a law signed into effect in 1996, also carries huge fines for non-compliance.
Industry regulations protect small businesses from security breaches, but by following them fully, a small business can also protect something else important – their integrity.
“Standards give you the ability to protect yourself from a liability standpoint, saying ‘I followed all the standards that were mandated. I still got hacked.’ And you shrug it off,” said Ghazanfar Ghori, CTO of 10Pearls, a software and mobile app development agency.
Hackers will constantly be finding new ways to steal data, some of which will outsmart industry regulations. However, if you fully comply with regulations, you can better protect customer data and defend your business’s commitment to security, despite any potential breaches.
Think Twice About Cloud Storage Security
One of the most important things you can do to protect your cloud storage is simply to give it thought.
Cloud storage is relatively easy. You do not need to be an expert in the technology to utilize the technology. The same is true about security – don’t put off securing your cloud storage simply because you think it’s too difficult or confusing. Additional security measures are often easy to implement, and a plethora of research exists online to explain any mandatory industry regulations.
However, you must be motivated to take that extra step and learn about security. Clutch’s survey shows improvement. For example, less small businesses are using free cloud storage providers to store sensitive data such as credit card or medical information in 2017, compared to 2016.
A small business shouldn’t be scared of using the cloud to maximize their data storage and improve their business. However, they should also be sure they understand what must be done to secure their cloud storage provider. Click below to learn more about Teramind.
Editor’s Note: The writer’s opinions expressed in this guest article are those of the contributor, and do not necessarily reflect those of IT Security Central and Teramind Co.